On August 25, 2021, Atlassian released security updates to address a remote code execution vulnerability (CVE-2021-26084) affecting Confluence Server and Data Center. Recently, CVE-2021-26084 has been detected in exploits in the wild. A remote attacker could exploit this vulnerability to take control of an affected system.
CISA urges users and administrators to review Atlassian Security Advisory 2021-08-25 and immediately apply the necessary updates.
Please share your thoughts.
We recently updated our anonymous product survey; we'd welcome your feedback.